We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-33228

SolarWinds Network Configuration Manager Sensitive Information Disclosure Vulnerability



Description

The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information.

Reserved 2023-05-18 | Published 2023-11-01 | Updated 2024-09-05 | Assigner SolarWinds


MEDIUM: 4.5CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-311 Missing Encryption of Sensitive Data

Product status

Default status
unaffected

2023.3.1 and previous versions
affected

Credits

SolarWinds would like to thank Arnaud Cordier (CryptID) for reporting on the issue in a responsible manner. finder

References

www.solarwinds.com/...ter/security-advisories/CVE-2023-33228

documentation.solarwinds.com/...ncm_2023-4_release_notes.htm

cve.org (CVE-2023-33228)

nvd.nist.gov (CVE-2023-33228)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-33228

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.